Lucene search
K

781 matches found

ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-21051

Incorrect default permissions in WLAN security prior to SMR Jul-2026 Release 1 allows local attackers to configure TencentWifiSecurity settings...

5.1CVSS5.9AI score0.00105EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42516

Incorrect Permission Assignment in BOSH.Utils.psm1 in BOSH-Ecosystem bosh-windows-stemcell-builder allows low-privilege authenticated users to overwrite C:\bosh\servicewrapper.exe or C:\bosh\bosh-agent.exe and gain NT AUTHORITY\SYSTEM on the next service restart or reboot. This can lead to full...

8.8CVSS7.2AI score0.001EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-47830

Incorrect Permission Assignment in BOSH.Utils.psm1 in BOSH-Ecosystem bosh-windows-stemcell-builder allows low-privilege authenticated users to overwrite C:\bosh\servicewrapper.exe or C:\bosh\bosh-agent.exe and gain NT AUTHORITY\SYSTEM on the next service restart or reboot. This can lead to full...

8.8CVSS7.2AI score0.001EPSS
Exploits0References2
NVD
NVD
added 2026/07/05 3:16 p.m.7 views

CVE-2026-9085

Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. This issue affects Pardus-Parental-Control: from =0.5.1 before 0.7.0...

8.8CVSS0.00101EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/05 2:38 p.m.43 views

CVE-2026-9085 DNS Hijacking in TUBITAK BILGEM's Pardus-Parental-Control

Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. This issue affects Pardus-Parental-Control: from =0.5.1 before 0.7.0...

8.8CVSS0.00101EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.15 views

PT-2026-55805

Name of the Vulnerable Software and Affected Versions Pardus-Parental-Control versions prior to 0.7.0 Description Improper access control and incorrect permission assignment for a critical resource allow for DNS Spoofing, which enables attackers to manipulate DNS resolutions. Recommendations Upda...

8.8CVSS6AI score0.00101EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 2:47 p.m.5 views

EUVD-2026-39431

CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files...

6.7CVSS5.8AI score0.00106EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.9 views

EulerOS 2.0 SP13 : tigervnc (EulerOS-SA-2026-2359)

According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application...

9.8CVSS5.5AI score0.00247EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

RHEL 7 : tigervnc (RHSA-2026:22456)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22456 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

9.8CVSS5.7AI score0.00489EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.12 views

CVE-2026-40462

Incorrect permission assignment vulnerabilities exist in iControl REST and TMOS shell tmsh undisclosed command which may allow an authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7.1CVSS5.5AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.10 views

CVE-2026-44469

The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before...

8.5CVSS5.5AI score0.00105EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Nano vulnerabilities (USN-8386-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8386-1 advisory. Micha Majchrowicz and Marcin Wyczechowski discovered that Nano created the /.local directory with...

5.5CVSS5.7AI score0.00108EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/04 11:29 a.m.10 views

TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions

A flaw was found in TigerVNC's x0vncserver component. Due to incorrect permissions in the Image.cxx file, other users on the system can observe or manipulate the screen contents of a running session. This vulnerability could also lead to an application crash, resulting in a Denial of Service DoS...

9.8CVSS5.8AI score0.00247EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/04 11:15 a.m.24 views

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

9.8CVSS5.9AI score0.00489EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2026/06/02 1:16 p.m.11 views

USN-8369-1: Apache Tomcat Connectors vulnerability

It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like systems. A local attacker could possibly use this issue to view or modify modjk configuration data in shared memory, resulting in sensitive information exposure or a denial of service...

5.9CVSS6.3AI score0.00326EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/02 8:29 a.m.9 views

TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions

A flaw was found in TigerVNC's x0vncserver component. Due to incorrect permissions in the Image.cxx file, other users on the system can observe or manipulate the screen contents of a running session. This vulnerability could also lead to an application crash, resulting in a Denial of Service DoS...

9.8CVSS5.8AI score0.00247EPSS
Exploits0References8
NVD
NVD
added 2026/06/01 9:16 a.m.13 views

CVE-2026-27788

Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

8.5CVSS0.00097EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/01 7:20 a.m.11 views

CVE-2026-49157

Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin low-privilege web-login accounts access to Jolokia operations which allowed executing broker...

8.8CVSS5.8AI score0.00424EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/01 7:17 a.m.12 views

CVE-2026-27788

Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

8.5CVSS5.8AI score0.00097EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 7:17 a.m.14 views

EUVD-2026-33571

Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

8.5CVSS7.1AI score0.00097EPSS
Exploits0References2
Rows per page
Query Builder